pwk-oscp

pwk-oscp copied to clipboard

During my awesome OSCP journey I collected a few scripts, ideas, resources that help me achieving one of the most world-recognized certifications, so i share it with down here with the whole community. :thumbsup:

:book: How to Become a Pentester

• How to Become a Pentester - TrustedSec
• How to Become a Pentester - Corelan

:books: Books

• Network Security Assessment - O'Reilly
• Penetration Testing - NoStarch
• Total OSCP Guide - sushant747

:page_facing_up: Certifications

• eJPT
• eCPPT

:broken_heart: Vulnerable Machines/Challenges

• VulnHub
  • GoldenEye
  • Lampiao
  • Raven (1 and 2)
  • Wintermute
  • Tr0ll (1 and 2)
  • W1r3s
  • Lord of the Root
  • DerpnStink
  • Kioptrix (1 through 5)
  • FristiLeaks
  • Stapler
  • Pwnlab init
  • BrainPan (BoF!)
  • VulnOS 2
  • IMF
  • SkyTower
  • SickOS (1 and 2)
• HackTheBox
  • Bashed
  • Popcorn
  • Shocker
  • Blue
  • Bank
  • Jeeves
  • Tartarsauce
  • Grandpa
  • Granny
  • CronOS
• Pentester Academy
  • AttackDefense
• PentesterLab
  • PentesterLab
• Root-me
  • Root-me
• Overthewire
  • Wargames

:pencil: Enumeration & :bomb: Exploitation

• Common Ports

:smirk_cat: Privesc

First try the simplest:

• Reuse password for other users
• Enter user's name as password too
• sudo -l
• find / -perm -4000 -type f 2>/dev/null

• Linux
  • [script] LinEnum
  • [script] LinuxPrivChecker
  • GTFobins
  • g0tmilk
• Windows
  • [script] Windows-Exploit-Suggester
  • absolomb
  • guif.re
  • fuzzysecurity
  • tim3warri0r
• Both
  • [Metasploit] post/multi/recon/local_exploit_suggester

:arrow_upper_right: Resources

• ippsec videos
• OSCP useful links - backdoorshell
• Default passwords